package cn.powertime.evaluation.shiro;

import cn.powertime.evaluation.facade.SysResFacade;
import cn.powertime.evaluation.facade.SysRoleFacade;
import cn.powertime.evaluation.facade.SysUserFacade;
import cn.powertime.evaluation.shiro.jwt.JwtToken;
import cn.powertime.evaluation.shiro.jwt.TokenUtils;
import cn.powertime.evaluation.vo.ShiroUserInfo;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;


/**
 * @author ZYW
 */
public class JwtRealm extends AuthorizingRealm {

    @Autowired
    private SysUserFacade userFacade;

    @Autowired
    private SysRoleFacade roleFacade;

    @Autowired
    private SysResFacade resFacade;


    @Autowired
    private TokenUtils tokenUtils;

    @Override
    public boolean supports(AuthenticationToken token) {
        //表示此Realm只支持JwtToken类型
        return token instanceof JwtToken;
    }

    /**
     * 权限验证
     * @param principals
     * @return
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {

        String principal = (String) principals.getPrimaryPrincipal();

        // 从数据库查询用户角色权限
        SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();

        if(principal!=null){

            /*// 根据username查询角色
            List<RoleDto> roles = roleService.getRoleByUserName(principal);
            roles.forEach(role -> {
                if (role.getRolename()!=null){
                    simpleAuthorizationInfo.addRole(role.getRolename());
                }
            });

            // 根据username查询权限
            List<Resources> resources = permissionService.getResourcesByUserName(principal);
            resources.forEach(res -> {
                if (res.getPermission()!=null){
                    simpleAuthorizationInfo.addStringPermission(res.getPermission());
                }
            });*/
        }
        return simpleAuthorizationInfo;
    }

    /**
     * 登录验证
     * @param authenticationToken
     * @return
     * @throws AuthenticationException
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        JwtToken jwtToken = (JwtToken) authenticationToken;
        String token = jwtToken.getToken();
        try {
//            String username = tokenUtils.getUsernameFromToken(token);

            /*List<SysUser> userList = userFacade.selectByAccount(username);
            if(CollectionUtils.isEmpty(userList)) {
                throw new LoginException("用户不存在！");
            }

            if(userList.size() > 1) {
                throw new LoginException("用户不唯一！");
            }*/

            /*SysUser sysUser = userList.get(0);*/

            ShiroUserInfo userInfo = tokenUtils.getUserIdAndIsSuperAdmin(token);

            return new SimpleAuthenticationInfo(
                    userInfo ,
                    token,
                    getName()
            );
        } catch (Exception e) {
            throw new AuthenticationException(e);
        }
    }
}
